Overview
The Sophos Integration monitors the overall health of your Sophos-managed endpoints so you can confirm that your managed devices are in good health. The integration comes pre-built with 1 dashboard that provides a broad overview of several metrics that can be used to monitor the health of your devices. It also comes with 2 monitors that can alert when a device is no longer in good health, or when one of the Sophos services on the device stops.
Monitors
- Managed Endpoint Health has Changed
- Sophos Service on Managed Endpoint is Stopped
Dashboards
- RapDev Sophos Dashboard
Data Collected
Metrics
| Metric | Description |
|---|---|
| rapdev.sophos.endpoint.registered (gauge) | Submitted with a value of 1 for each endpoint and tagged with its various health statuses |
| rapdev.sophos.endpoint.last_seen (gauge) | Number of seconds since the endpoint last checked into Sophos. Shown as second |
| rapdev.sophos.endpoint.service_health (gauge) | Number of service endpoints checked into Sophos |
| rapdev.sophos.health_check.policy.computer.threat_protection.not_on_recommended (gauge) | Number of computers not on recommended threat protection |
| rapdev.sophos.health_check.policy.computer.threat_protection.score (gauge) | Score out of 100 for computers passing threat protection checks |
| rapdev.sophos.health_check.policy.computer.threat_protection.total (gauge) | Number of computers in total under threat protection checks |
| rapdev.sophos.health_check.policy.server.server_threat_protection.not_on_recommended (gauge) | Number of servers not on recommended threat protection |
| rapdev.sophos.health_check.policy.server.server_threat_protection.score (gauge) | Score out of 100 for servers passing threat protection checks |
| rapdev.sophos.health_check.policy.server.server_threat_protection.total (gauge) | Number of total servers under threat protection checks |
| rapdev.sophos.health_check.exclusions.policy.computer.score (gauge) | Score out of 100 for computers passing exclusion checks |
| rapdev.sophos.health_check.exclusions.policy.computer.total (gauge) | Number of total computers under exclusion checks |
| rapdev.sophos.health_check.exclusions.policy.computer.number_of_security_risks (gauge) | Number of computers’ security risks found in exclusion checks |
| rapdev.sophos.health_check.exclusions.policy.server.score (gauge) | Score out of 100 of servers passing exclusion checks |
| rapdev.sophos.health_check.exclusions.policy.server.total (gauge) | Number of total servers under exclusion checks |
| rapdev.sophos.health_check.exclusions.policy.server.number_of_security_risks (gauge) | Number of servers’ security risks found in exclusion checks |
| rapdev.sophos.health_check.exclusions.global.score (gauge) | Score out of 100 for global exclusion checks |
| rapdev.sophos.health_check.exclusions.global.number_of_security_risks (gauge) | Number of global security risk exclusions |
| rapdev.sophos.health_check.protection.computer.not_fully_protected (gauge) | Number of computers not fully protected |
| rapdev.sophos.health_check.protection.computer.score (gauge) | Score out of 100 of computers passing protection checks |
| rapdev.sophos.health_check.protection.computer.total (gauge) | Number of total computers under protection checks |
| rapdev.sophos.health_check.protection.server.not_fully_protected (gauge) | Number of servers not fully protected |
| rapdev.sophos.health_check.protection.server.score (gauge) | Score out of 100 of servers passing protection checks |
| rapdev.sophos.health_check.protection.server.total (gauge) | Number of total servers under protection checks |
| rapdev.sophos.health_check.tamper_protection.server.score (gauge) | Score out of 100 of servers passing tamper protection checks |
| rapdev.sophos.health_check.tamper_protection.server.total (gauge) | Number of total servers under tamper protection checks |
Service Checks
rapdev.sophos.can_connect
Returns OK if the agent can connect to the Sophos API, CRITICAL if it can’t.
Statuses: ok, critical
rapdev.sophos.endpoint.overall_health
Returns OK if the endpoint is in good health, WARNING if it is in suspicious health, CRITICAL if it is in bad health, and UNKNOWN if health is not found.
Statuses: ok, critical, warning, unknown
rapdev.sophos.endpoint.service_running
Returns OK if the service is running, CRITICAL if it is not.
Statuses: ok, critical
rapdev.sophos.firewall.connected
Returns OK if the Firewall is connected, CRITICAL if it is not.
Statuses: ok, critical
rapdev.sophos.firewall.suspended
Returns CRITICAL if the Firewall is suspended, OK if it is not.
Statuses: ok, critical
rapdev.sophos.health_check.policy.computer.threat_protection.snoozed
Returns CRITICAL if the policy is snoozed, OK if it is not.
Statuses: ok, critical
rapdev.sophos.health_check.policy.server.server_threat_protection.snoozed
Returns CRITICAL if the policy is snoozed, OK if it is not.
Statuses: ok, critical
rapdev.sophos.health_check.exclusions.policy.computer.snoozed
Returns CRITICAL if the policy is snoozed, OK if it is not.
Statuses: ok, critical
rapdev.sophos.health_check.exclusions.policy.server.snoozed
Returns CRITICAL if the policy is snoozed, OK if it is not.
Statuses: ok, critical
rapdev.sophos.health_check.exclusions.global.locked_by_managing_account
Returns CRITICAL if the settings are managed by a partner or organization, OK if it is not.
Statuses: ok, critical
rapdev.sophos.health_check.exclusions.global.snoozed
Returns CRITICAL if the settings are managed by a partner or organization, OK if it is not.
Statuses: ok, critical
rapdev.sophos.health_check.protection.computer.snoozed
Returns CRITICAL if Protection check is snoozed, OK if it is not.
Statuses: ok, critical
rapdev.sophos.health_check.protection.server.snoozed
Returns CRITICAL if Protection check is snoozed, OK if it is not.
Statuses: ok, critical
rapdev.sophos.health_check.tamper_protection.server.snoozed
Returns CRITICAL if Tamper Protection check is snoozed, OK if it is not.
Statuses: ok, critical
Support
For support or feature requests, contact RapDev.io through the following channels:
This application is made available through the Marketplace and is supported by a Datadog Technology Partner.